Pages

Friday, 16 June 2017

NHS cyber-attack was 'launched from North Korea'

British security officials believe that hackers in North Korea were behind the cyber-attack that crippled parts of the NHS and other organisations around the world last month, the BBC has learned.

Britain's National Cyber Security Centre (NCSC) led the international investigation.

Security sources have told the BBC that the NCSC believes that a hacking group known as Lazarus launched the attack.

The US Computer Emergency Response Team has also warned about Lazarus.

The same group is believed to have targeted Sony Pictures in 2014.

The Sony hack came as the company planned to release the movie The Interview, a satire about the North Korean leadership starring Seth Rogen. The movie was eventually given a limited release after an initial delay.

In May, ransomware called WannaCry swept across the world, locking computers and demanding payment for them to be unlocked. The NHS in the UK was particularly badly hit.

Officials in Britain's National Cyber Security Centre (NCSC) began their own investigation and concluded their assessment in recent weeks.

The ransomware did not target Britain or the NHS specifically, and may well have been a money-making scheme that got out of control, particularly since the hackers do not appear to have retrieved any of the ransom money as yet.

Although the group is based in North Korea the exact role of the leadership in Pyongyang in ordering the attack is less clear.

The same group is also thought to have been behind the theft of money from banks.